LAN OK, Internet KO

English Network/Internet
1

Hello all,

I’m desperated. I have installed a SUSE 10.3 but I have problems with the internet access. From my point of view the network is configurated properly. The router give a valid IP and a valid DNS, the machine can be seen over the lan even controlled by VNC, and the pings and tracerouters to internet machines also works. The problem is when browsing, the Firefox says “Site XXXX connected. Waiting …” and anything more happens.

I have seen in several forums ways for disable IPv6. That is done, but the problem is still there. Could anyone please help me?

Thanks in advanced.

2

Check your resolv.conf file to make sure nameservers are available.

3
  • albertosanchezm,

can you try a different browser, e.g. konqueror?
Also, in a terminal, try
telnet www.google.de 80
to see if you can connect on port 80.

Can you send and receive mail?

Uwe

4

Here is my resolv.conf, I think it’s right:

nameserver 80.58.0.33
nameserver 192.168.1.1
search local

For the other questions:

  • I also tried with Konqueror with same result.
  • Doing a “telnet Google 80” the connection is performed, but after that, if I set “GET HTTP/1.1 /” nothing happens.
  • Using Kmail I cannot neither send nor receive mails.
5
  • albertosanchezm,

sounds weird.

Are you beind a router with a DHCP server? If so, try and use DHCP.
Also try and stop the firewall on your Opensuse box

Uwe

6

The eth0 is configured with DHCP+Zeroconf. I have tried to stop/start the firewall but everything seems the same.

7

albertosanchezm schrieb:
> Here is my resolv.conf, I think it’s right:
>
> nameserver 80.58.0.33
> nameserver 192.168.1.1
> search local
>
> For the other questions:
>
> - I also tried with Konqueror with same result.
> - Doing a “telnet ‘Google’ (http://www.google.com) 80” the connection
> is performed, but after that, if I set “GET HTTP/1.1 /” nothing
> happens.

So name resolution works, but actual TCP connections get stuck
after the initial handshake? That’s very weird.

I assume that 192.168.1.1 is on your local network while the
other one is your provider’s nameserver. Try the commands

host www.opensuse.org 192.168.1.1

and

host www.opensuse.org 80.58.0.33

to see if you can actually access both of these nameservers.
What kind of router is there between you and the Internet?
Is there any kind of firewall, possibly blocking either your
connection attempts or the ICMP messages which are necessary
for proper functioning of TCP?

HTH
T.


Tilman Schmidt
Phoenix Software GmbH
Bonn, Germany

8

The 192.168.1.1 is the gateway and the 80.58.0.33 is the DNS set by my service provider.

Here are the results:

host www.opensuse.org 192.168.1.1
;; connection timed out; no servers could be reached

host www.opensuse.org 80.58.0.33
Using domain server:
Name: 80.58.0.33
Address: 80.58.0.33#53
Aliases:

www.opensuse.org has address 130.57.4.24

There are only a switch and a router with no proxy neither firewall in the network. The SUSE firewall is set t"Internal Zone (no protection)".

Could you tell me how can I see if the packages are lost?

9

albertosanchezm schrieb:
> The 192.168.1.1 is the gateway and the 80.58.0.33 is the DNS set by my
> service provider.
>
> Here are the results:
>
>
> Code:
> --------------------
> host www.opensuse.org 192.168.1.1
> ;; connection timed out; no servers could be reached

Ok, so your gateway doesn’t answer DNS queries. You should probably remove
it from your resolv.conf file, though I don’t think that alone will solve
your problem.

> host www.opensuse.org 80.58.0.33
> Using domain server:
> Name: 80.58.0.33
> Address: 80.58.0.33#53
> Aliases:
>
> www.opensuse.org has address 130.57.4.24
> --------------------

So that one works. Good.

> There are only a switch and a router with no proxy neither firewall in
> the network. The SUSE firewall is set t"Internal Zone (no protection)".

I assume “router” here is the same as “gateway” above. What kind of
router is that? How did you configure it? Does it have any kind of
“firewall” or “hacker defense” or “anti-DOS” functionality?

HTH
T.

10

OK, I removed the 192.168.1.1 IP from the resolv.config. Still doesn’t work.

You are right. The router is the same that the gateway, sorry!

As far as I know, there is no firewall or “hacker defense” in the router. The rest of windows machines in the network connects to internet without problem.

Thanks for all.

11

In Firefox go to Edit - Preferences - Advanced - Network - Settings and make sure Firefox is set to “No proxy”. (Not sure whether you have to close and restart Firefox).

See if that helps.

12

Done. No proxy was set in the firefox configuration. Anyway, the problem algo happens with Konqueror.

One interesting thing I have seen: I try to open the router web console (in 192.168.1.1) from Firefox with the same result: “Direction 192.168.1.1 connected. Waiting for reply…”. Doing the same from a windows machine the connection is performed witout problem. For me, this seems like a routing problem, isn’t it?

13

A few more information:

ifconfig

eth0      Link encap:Ethernet  HWaddr 00:11:25:C4:DA:C0
          inet addr:192.168.1.34  Bcast:192.168.1.255  Mask:255.255.255.0
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:195707 errors:0 dropped:0 overruns:0 frame:0
          TX packets:241855 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:14612472 (13.9 Mb)  TX bytes:125604808 (119.7 Mb)
          Interrupt:16

eth1      Link encap:Ethernet  HWaddr 00:11:25:C4:DA:C1
          UP BROADCAST MULTICAST  MTU:1500  Metric:1
          RX packets:0 errors:0 dropped:0 overruns:0 frame:0
          TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:0 (0.0 b)  TX bytes:0 (0.0 b)
          Interrupt:17

lo        Link encap:Local Loopback
          inet addr:127.0.0.1  Mask:255.0.0.0
          UP LOOPBACK RUNNING  MTU:16436  Metric:1
          RX packets:1794347 errors:0 dropped:0 overruns:0 frame:0
          TX packets:1794347 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:2319764937 (2212.3 Mb)  TX bytes:2319764937 (2212.3 Mb)

route

Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
192.168.1.0     *               255.255.255.0   U     0      0        0 eth0
loopback        *               255.0.0.0       U     0      0        0 lo
default         192.168.1.1     0.0.0.0         UG    0      0        0 eth0

If someone see anything weird, please, tell me.

14

albertosanchezm schrieb:
> One interesting thing I have seen: I try to open the router web console
> (in 192.168.1.1) from Firefox with the same result: “Direction
> 192.168.1.1 connected. Waiting for reply…”. Doing the same from a
> windows machine the connection is performed witout problem. For me, this
> seems like a routing problem, isn’t it?

No, if the problem already happens when you try to connect to your
default gateway then there is no routing involved yet, so its
definitely not a routing problem.

Also if other machines on the same network can connect fine it’s
quite likely the problem is with the one machine which cannot
connect and not with the router.

I suspect it’s something to do with your SUSE machine’s firewall
settings. Do you have SUSEfirewall2 enabled in YAST? Do the
problems go away if you switch it off? If so, post your firewall
settings. Perhaps there’s something in them to explain your
troubles.

HTH
T.


Tilman Schmidt
Phoenix Software GmbH
Bonn, Germany

15

I have disabled the firewall thru YAST but the problem still remains.

I was thinking about other network components, and the only thing that exists between the SUSE machine and the router is a CONNECTION ELS24 switch. Could it be the problem?

16

Try switching to a different port and if that doesn’t resolve anytthing try connecting directly to the gateway. This way you can rule out the switch…

17

albertosanchezm schrieb:
> I have disabled the firewall thru YAST but the problem still remains.
>
> I was thinking about other network components, and the only thing that
> exists between the SUSE machine and the router is a CONNECTION ELS24
> switch. Could it be the problem?

That would surprise me very much, but of course at this point nothing
can be definitely excluded.

Things you might try if it’s not too difficult in your environment:

  • Connect the SuSE machine directly to the router, with no other
    machines connected, to see if the switch or one of the other
    computers interferes.

  • Boot the SuSE machine with a CD based Linux (eg. Knoppix) to see
    if it’s something to do with your SuSE installation.

  • Connect the SuSE machine to a different network to see if it’s
    the router blocking it somehow.

  • Try sniffing the ethernet connection between the SuSE machine and
    the router to see exactly what’s going on, hoping to find a clue.
    (Packet sizes, TCP options, missing or extraneous packets …)

Other than that, I’m out of ideas.


Tilman Schmidt
Phoenix Software GmbH
Bonn, Germany

18

Well… I connected the machine directly to the router and the problem still remains. So, nowadays the possible failing points are: SUSE, router and line itself.

I also tried boot from livecd… guess what happend? Yep, the same.

The third suggestion is what I think is the key, but unfortunately I cannot do it.

About the sniffing… which command should I use?

19

Have you tried to set things manually ? I mean dont use dhcp in yast. Enter the ip address , netmask , gateway and dns manually. Enter yast … **delete any configuration you have, **and then manually set it again.

20

Yes, I’ve tried with same result. Thanks.